找回密码

4 years ago · c6aa75ca44
parent 58a26d8951
commit c6aa75ca44
14 changed files with 85 additions and 43 deletions
--- a/dq-financial-hrms-auth/pom.xml
+++ b/dq-financial-hrms-auth/pom.xml
@ -52,7 +52,7 @@
        </dependency>


-        <dependency>
+<!--        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-security</artifactId>
        </dependency>
@ -69,7 +69,7 @@
        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
-            <!-- 指明版本，解决redis存储出现的问题：java.lang.NoSuchMethodError: org.springframework.data.redis.connection.RedisConnection.set([B[B)V问题 -->
+            &lt;!&ndash; 指明版本，解决redis存储出现的问题：java.lang.NoSuchMethodError: org.springframework.data.redis.connection.RedisConnection.set([B[B)V问题 &ndash;&gt;
            <version>2.3.3.RELEASE</version>
        </dependency>

@ -77,7 +77,7 @@
            <groupId>com.baomidou</groupId>
            <artifactId>mybatis-plus-boot-starter</artifactId>
            <version>3.0.5</version>
-        </dependency>
+        </dependency>-->
    </dependencies>

    <dependencyManagement>
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/AuthorizationServer.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/AuthorizationServer.java
@ -1,3 +1,4 @@
+/*
 package com.daqing.financial.hrauth.config;

 import org.springframework.beans.factory.annotation.Autowired;
@ -18,12 +19,14 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;

+*/
 /**
 * 配置OAuth2.0授权服务器
 *
 * @auther River
 * @date 2020/9/21 17:49
- */
+ *//*
+
@Configuration
@EnableAuthorizationServer
 public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
@ -42,9 +45,11 @@ public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
    @Autowired
    public PasswordEncoder passwordEncoder;

-    /**
+    */
+/**
     * 配置令牌的安全约束(允许哪些请求访问)
-     */
+     *//*
+
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security
@ -53,9 +58,11 @@ public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
                .allowFormAuthenticationForClients(); //允许表单提交,允许客户端访问 OAuth2 授权接口，否则请求 token 会返回 401。
    }

-    /**
+    */
+/**
     * 配置支持哪些客户端访问
-     */
+     *//*
+
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
@ -72,9 +79,11 @@ public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
                .scopes("all");
    }

-    /**
+    */
+/**
     * 配置令牌(token)的访问端点
-     */
+     *//*
+
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
@ -84,9 +93,11 @@ public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
                .allowedTokenEndpointRequestMethods(HttpMethod.POST); // 允许的请求方式
    }

-    /**
+    */
+/**
     * 令牌服务
-     */
+     *//*
+
    @Bean
    public AuthorizationServerTokenServices tokenServices(){
        DefaultTokenServices service = new DefaultTokenServices();
@ -98,12 +109,15 @@ public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
        return service;
    }

-    /**
+    */
+/**
     * 授权码服务(设置授权码模式的授权码如何存取,暂时在内存,后期在数据库)
-     */
+     *//*
+
    @Bean
    public AuthorizationCodeServices authorizationCodeServices(){

        return new InMemoryAuthorizationCodeServices();
    }
 }
+*/
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/SecurityConfig.java
@ -1,3 +1,4 @@
+/*
 package com.daqing.financial.hrauth.config;

 import com.daqing.financial.hrauth.service.impl.UserLoginServiceImpl;
@ -11,17 +12,21 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;

+*/
 /**
 * @auther River
 * @date 2020/9/22 10:26
- */
+ *//*
+
@Configuration
@EnableWebSecurity // 开启security
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

-    /**
+    */
+/**
     * 不能直接new对象,否则会在注入之前被拦截器拦截
-     */
+     *//*
+
    @Bean
    public UserLoginServiceImpl customerLoginService(){

@ -43,9 +48,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        return new BCryptPasswordEncoder();
    }

-    /**
+    */
+/**
     * 认证管理器
-     */
+     *//*
+
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
@ -65,3 +72,4 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
    }
 }

+*/
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/TokenConfig.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/config/TokenConfig.java
@ -1,3 +1,4 @@
+/*
 package com.daqing.financial.hrauth.config;

 import org.springframework.context.annotation.Bean;
@ -5,12 +6,14 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;

+*/
 /**
 * 令牌配置类
 *
 * @auther River
 * @date 2020/9/22 9:54
- */
+ *//*
+
@Configuration
 public class TokenConfig {

@ -20,3 +23,4 @@ public class TokenConfig {
        return new InMemoryTokenStore();
    }
 }
+*/
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
@ -11,7 +11,6 @@ import org.springframework.web.bind.annotation.*;
 * @date 2020/9/22 15:27
 */
@RestController
-@RequestMapping("/hrms/auth/userlogin")
 public class UserLoginController {

    @Autowired
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/UserLoginService.java
@ -10,4 +10,5 @@ import com.daqing.framework.domain.hrms.request.UserLoginRequest;
 */
 public interface UserLoginService extends IService<UserEntity> {
    Boolean getBackPwd(UserLoginRequest user);
+
 }
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
@ -1,6 +1,5 @@
 package com.daqing.financial.hrauth.service.impl;

-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.daqing.financial.hrauth.dao.UserLoginDao;
 import com.daqing.financial.hrauth.service.UserLoginService;
@ -9,17 +8,10 @@ import com.daqing.framework.domain.hrms.request.UserLoginRequest;
 import com.daqing.framework.domain.hrms.response.HrmsCode;
 import com.daqing.framework.exception.ExceptionCast;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;

 import javax.annotation.Resource;
-import java.util.ArrayList;
-import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;

@ -28,12 +20,12 @@ import java.util.regex.Pattern;
 * @date 2020/9/22 15:01
 */
@Service("userLoginService")
-public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> implements UserLoginService, UserDetailsService {
+public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity> implements UserLoginService {

    @Resource
    private UserLoginDao userLoginDao;

-    @Override
+/*    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        UserEntity user = userLoginDao.getUser(username);
        List<SimpleGrantedAuthority> authorities = new ArrayList<>();
@ -42,7 +34,7 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
        UserDetails userDetails = new User(user.getAccount(),new BCryptPasswordEncoder().encode(user.getPassword()),authorities);

        return userDetails;
-    }
+    }*/

    /**
     * 忘记密码
@ -51,21 +43,27 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
    public Boolean getBackPwd(UserLoginRequest user){
        //判断重置密码参数是否为空
        if(StringUtils.isEmpty(user.getPhoneAccount())){
-            ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_ILLEGAL);
+            ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_NOT_EMPTY);
        }
        if(StringUtils.isEmpty(user.getVerifyCode())){
-            ExceptionCast.cast(HrmsCode.VERIFY_CODE_ILLEGAL);
+            ExceptionCast.cast(HrmsCode.VERIFY_CODE_NOT_EMPTY);
        }
        if(StringUtils.isEmpty(user.getNewPwd())){
            ExceptionCast.cast(HrmsCode.NEW_PASSWORD_NOT_EMPTY);
        }
        //校验手机账号是否存在
-        int count = this.count(new QueryWrapper<UserEntity>()
-                .eq("phone_account", user.getPhoneAccount()));
+        String phoneAccount = user.getPhoneAccount();
+/*        int count = this.count(new QueryWrapper<UserEntity>()
+                .eq("phone_account", phoneAccount));*/
+        int count = userLoginDao.selectCount(phoneAccount);
        if (count == 0) {
-            ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_ILLEGAL);
+            ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_NOT_EMPTY);
+        }
+        //判断验证码是否匹配,目前固定为123456
+        String verify = "123456";
+        if(!verify.equals(user.getVerifyCode())){
+            ExceptionCast.cast(HrmsCode.NEW_PASSWORD_NOT_EMPTY);
        }
-        //判断验证码是否匹配

        //密码格式校验
        Pattern pattern = Pattern.compile("^[a-zA-Z0-9]{8,20}$");
--- a/dq-financial-hrms-auth/src/main/resources/bootstrap.properties
+++ b/dq-financial-hrms-auth/src/main/resources/bootstrap.properties
@ -1,6 +1,6 @@

 #<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
-spring.application.name=dq-financial-hrms
+spring.application.name=dq-financial-hrms-auth
 #<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ĵ<EFBFBD>ַ
 spring.cloud.nacos.config.server-addr=192.168.31.142:8848
 spring.cloud.nacos.config.namespace=7632bdaa-3381-4669-b3f9-2fc73be451e8
--- a/dq-financial-hrms-auth/src/main/resources/mapper/hrmsauth/UserLoginMapper.xml
+++ b/dq-financial-hrms-auth/src/main/resources/mapper/hrmsauth/UserLoginMapper.xml
@ -2,6 +2,16 @@
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">

 <mapper namespace="com.daqing.financial.hrauth.dao.UserLoginDao">
+    <!-- 可根据自己的需求，是否要使用 -->
+    <resultMap type="com.daqing.framework.domain.hrms.UserEntity" id="userMap">
+        <result property="id" column="id"/>
+        <result property="account" column="account"/>
+        <result property="phoneAccount" column="phone_account"/>
+        <result property="password" column="password"/>
+        <result property="loginNum" column="login_num"/>
+        <result property="createTime" column="create_time"/>
+        <result property="motifyTime" column="motify_time"/>
+    </resultMap>
    <update id="updatePasswordByPhoneAccount">
        update hrms_user set password = #{password} where phone_account = #{phoneAccount}
    </update>
--- a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/UserEntity.java
+++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/UserEntity.java
@ -77,4 +77,5 @@ public class UserEntity implements Serializable {
 	 * 更新时间
 	 */
 	private Date motifyTime;
+
 }
--- a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java
+++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java
@ -21,10 +21,11 @@ public enum HrmsCode implements ResultCode {
    DEPT_EMP_EXSIT(false, 22004, "请将部门下所有员工移除后再执行删除操作！"),
    DEPT_POSITION_EXSIT(false, 22005, "该部门下已存在该职位！"),

-    PHNOE_ACCOUNT_ILLEGAL(false,33001,"手机号码为空"),
-    VERIFY_CODE_ILLEGAL(false,33002,"短信验证码为空"),
+    PHNOE_ACCOUNT_NOT_EMPTY(false,33001,"手机号码为空"),
+    VERIFY_CODE_NOT_EMPTY(false,33002,"短信验证码为空"),
    NEW_PASSWORD_NOT_EMPTY(false,33003,"新密码不能为空"),
    NEW_PASSWORD_ILLEGAL(false,33004,"新密码格式不正确"),
+    VERIFY_CODE_ILLEGAL(false,33005,"验证码不匹配"),
    EMP_POSITION_EXSIT(false, 22006, "该职位下已关联员工！");


--- a/dq-framework-model/target/classes/com/daqing/framework/domain/hrms/response/HrmsCode.class
+++ b/dq-framework-model/target/classes/com/daqing/framework/domain/hrms/response/HrmsCode.class
--- a/dq-govern-gateway/src/main/resources/application.yml
+++ b/dq-govern-gateway/src/main/resources/application.yml
@ -17,4 +17,10 @@ spring:
          predicates:
            - Path=/api/**
          filters:
-            - RewritePath=/api/(?<segment>.*),/ $\{segment}
+            - RewritePath=/api/(?<segment>.*),/ $\{segment}
+        - id: hrms_auth_route
+          uri: http://localhost:9000/dq-financial-hrms-auth #lb://dq-financial-hrms-auth
+          predicates:
+            - Path=/apiHrmsAuth/**
+          filters:
+            - RewritePath=/apiHrmsAuth/(?<segment>.*), /$\{segment}
--- a/dq-govern-gateway/src/main/resources/jwt.properties
+++ b/dq-govern-gateway/src/main/resources/jwt.properties
@ -1 +1 @@
-jwt.ignoreUrlList=/api/hrms/employee/list,/route-api/refresh
+jwt.ignoreUrlList=/apiHrmsAuth/getBackPwd,